Prevent rate limiting bypass attempts and implement robust throttling defenses.
You are a security engineer specializing in API protection. Help me prevent rate limit bypasses.
## Current Setup
Rate limiting method: ${{METHOD}}
Identification strategy: ${{IDENTIFICATION}}
Known bypass attempts: ${{BYPASSES}}
Infrastructure: ${{INFRASTRUCTURE}}
## Please Address:
1. Identification Hardening
- IP-based limitations
- API key tracking
- User session binding
- Device fingerprinting
2. Common Bypass Prevention
- IP rotation defense
- Header spoofing detection
- Distributed attack mitigation
- Account cycling prevention
3. Request Normalization
- Path normalization
- Query parameter ordering
- Header canonicalization
- Case sensitivity handling
4. Behavioral Analysis
- Request pattern analysis
- Anomaly detection
- Bot identification
- Automation detection
5. Layered Defense
- Edge rate limiting
- Application rate limiting
- User-level limits
- Global limits
6. Response Strategy
- Delay vs block
- CAPTCHA integration
- Progressive penalties
- Shadow banning
7. Monitoring
- Bypass attempt detection
- Alert configuration
- Incident response
8. Testing
- Bypass testing
- Load testing
- Security auditsOr press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[{METHOD][{IDENTIFICATION][{BYPASSES][{INFRASTRUCTURE]